From 405182c4f6f267806900b93c97da3232ccc0ed1c Mon Sep 17 00:00:00 2001
From: Ian Young <ian@iay.org.uk>
Date: Mon, 24 Aug 2009 10:33:24 +0000
Subject: [PATCH] Categorise self-signed certificates as a single issuer rather
 than as many unique issuers.

---
 build/probe_certs.pl | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/build/probe_certs.pl b/build/probe_certs.pl
index f52a3a0e..f20c286b 100755
--- a/build/probe_certs.pl
+++ b/build/probe_certs.pl
@@ -62,7 +62,7 @@
 	#
 	# Use openssl to convert the certificate to text
 	#
-	my(@lines, $issuer, $subjectCN, $issuerCN);
+	my(@lines, $subject, $issuer);
 	$cmd = "openssl x509 -in $temp_der -inform der -noout -text -nameopt RFC2253 -modulus |";
 	open(SSL, $cmd) || die "could not open openssl subcommand";
 	while (<SSL>) {
@@ -70,16 +70,18 @@
 		if (/^\s*Issuer:\s*(.*)$/) {
 			$issuer = $1;
 			#print "$hostPort: issuer is $issuer\n";
-			$issuers{$issuer}{$loc} = 1;
-			$numissued++;
-			if ($issuer =~ /CN=([^,]+)/) {
-				$issuerCN = $1;
-			} else {
-				$issuerCN = $issuer;
-			}
 		}
+		if (/^\s*Subject:\s*(.*)$/) {
+			$subject = $1;
+		}
+	}
+	
+	if ($subject eq $issuer) {
+		$issuer = "(self signed certificate)";
 	}
 
+	$issuers{$issuer}{$loc} = 1;
+	$numissued++;
 }
 print "\n\n";